Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/wfR0O8P_tbDGoEwA-YwVDr42FbI.roa
File:                     wfR0O8P_tbDGoEwA-YwVDr42FbI.roa (raw, json)
Hash identifier:          pHvCR3FRJdALAE/c7zMX7qLKadw/8DT8Ib3xOgFqxvY=
Subject key identifier:   C1:F4:74:3B:C3:FF:B5:B0:C6:A0:4C:00:F9:8C:15:0E:BE:36:15:B2
Certificate issuer:       /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial:       019C6CC19E3BA3C519D8AEFAFB81BBBACE25
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/wfR0O8P_tbDGoEwA-YwVDr42FbI.roa
Signing time:             Tue 17 Feb 2026 17:59:14 +0000
ROA not before:           Tue 17 Feb 2026 17:59:14 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     215238
IP address blocks:        31.59.131.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:6c:c1:9e:3b:a3:c5:19:d8:ae:fa:fb:81:bb:ba:ce:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
        Validity
            Not Before: Feb 17 17:59:14 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=c1f4743bc3ffb5b0c6a04c00f98c150ebe3615b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:6f:0d:5f:6e:3d:fe:07:e5:1f:46:18:0c:f9:
                    50:0a:0f:20:f3:01:e9:4f:d2:7f:40:f6:cc:04:82:
                    7f:6b:c7:8b:2d:f1:20:b3:7f:65:b2:fe:aa:42:55:
                    d9:37:87:39:6d:b4:7a:03:0f:bd:f0:f0:bd:e9:12:
                    f2:e7:20:96:b4:71:4b:e1:3e:72:29:19:09:7e:22:
                    08:50:da:bd:4d:5f:2b:b1:70:fc:81:e9:28:4e:e9:
                    89:2d:52:0b:84:1a:b5:fc:1d:e9:6d:19:41:72:51:
                    62:d8:eb:25:5a:60:e0:8e:10:ab:4c:1f:92:a1:4c:
                    21:f3:d0:92:5c:d4:33:f2:bc:2e:86:a4:1c:e1:37:
                    74:3f:60:c0:0b:ce:4f:c0:39:60:03:f9:a8:fb:87:
                    96:a3:45:4c:48:35:fa:31:92:21:52:ae:16:77:da:
                    0b:11:05:48:2d:e7:74:8e:16:c2:9f:92:94:e4:e2:
                    01:f0:3b:03:e5:ea:23:ea:4f:8f:94:89:69:fe:ce:
                    02:f7:ea:e0:0f:ec:47:08:90:0d:d0:9b:33:0f:87:
                    5c:22:af:34:8b:22:aa:e4:36:05:88:f6:1b:00:53:
                    93:b2:51:9b:46:40:85:92:aa:43:ac:67:7e:cb:8a:
                    7f:9f:bc:90:0e:24:ae:98:cb:2c:52:cf:8f:4a:00:
                    2b:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:F4:74:3B:C3:FF:B5:B0:C6:A0:4C:00:F9:8C:15:0E:BE:36:15:B2
            X509v3 Authority Key Identifier:
                keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/wfR0O8P_tbDGoEwA-YwVDr42FbI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.59.131.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ac:7f:c7:b7:4e:d9:c0:30:69:80:2c:ea:5a:28:33:99:68:2c:
         87:1d:ec:ed:30:07:a6:60:05:83:e2:a0:43:75:da:f0:cc:73:
         20:2c:ce:5a:6a:21:41:06:55:3c:d4:13:02:0b:81:38:01:fe:
         25:58:53:99:35:d7:58:eb:1e:f3:86:dc:97:f5:87:36:f8:28:
         97:e7:3c:cb:f7:69:88:a6:2c:cc:67:65:c0:82:d8:0b:b7:cc:
         5c:ae:0d:21:8c:b1:ed:59:8b:33:74:4c:e0:f8:c7:af:2e:de:
         2f:ef:d6:e8:01:3a:e3:2f:7f:be:e0:19:d9:40:ae:da:4d:1b:
         be:8c:db:3a:61:e1:52:08:f5:4b:75:38:00:c2:1e:bc:10:cb:
         2a:4e:c4:63:53:55:bb:97:a7:a9:8e:4c:ca:32:2d:86:70:92:
         ba:99:8d:24:45:d7:e0:e8:03:4e:04:f6:5b:e5:74:d5:98:3c:
         a8:72:40:e5:3d:81:f9:71:82:05:f7:80:f6:30:ed:44:5c:64:
         20:4f:bc:cd:bc:9f:a9:91:0c:67:c0:3d:38:5f:bd:a7:9b:6e:
         d3:d4:49:22:d8:0d:a0:d9:80:68:7b:45:8e:a8:06:4e:3f:1e:
         3b:16:2c:f7:20:1a:ae:81:75:6c:05:e1:19:68:49:65:e7:2d:
         24:61:23:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZxswZ47o8UZ2K76+4G7us4lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwMjE3MTc1OTE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWY0NzQzYmMzZmZiNWIwYzZhMDRjMDBmOThjMTUwZWJlMzYxNWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxG8NX249/gflH0YYDPlQCg8g8wHp
T9J/QPbMBIJ/a8eLLfEgs39lsv6qQlXZN4c5bbR6Aw+98PC96RLy5yCWtHFL4T5y
KRkJfiIIUNq9TV8rsXD8gekoTumJLVILhBq1/B3pbRlBclFi2OslWmDgjhCrTB+S
oUwh89CSXNQz8rwuhqQc4Td0P2DAC85PwDlgA/mo+4eWo0VMSDX6MZIhUq4Wd9oL
EQVILed0jhbCn5KU5OIB8DsD5eoj6k+PlIlp/s4C9+rgD+xHCJAN0JszD4dcIq80
iyKq5DYFiPYbAFOTslGbRkCFkqpDrGd+y4p/n7yQDiSumMssUs+PSgArcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMH0dDvD/7WwxqBMAPmMFQ6+NhWyMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvd2ZSME84UF90YkRHb0V3QS1Zd1ZEcjQyRmJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHzuDMA0G
CSqGSIb3DQEBCwUAA4IBAQCsf8e3TtnAMGmALOpaKDOZaCyHHeztMAemYAWD4qBD
ddrwzHMgLM5aaiFBBlU81BMCC4E4Af4lWFOZNddY6x7zhtyX9Yc2+CiX5zzL92mI
pizMZ2XAgtgLt8xcrg0hjLHtWYszdEzg+MevLt4v79boATrjL3++4BnZQK7aTRu+
jNs6YeFSCPVLdTgAwh68EMsqTsRjU1W7l6epjkzKMi2GcJK6mY0kRdfg6ANOBPZb
5XTVmDyockDlPYH5cYIF94D2MO1EXGQgT7zNvJ+pkQxnwD04X72nm27T1Eki2A2g
2YBoe0WOqAZOPx47Fiz3IBqugXVsBeEZaEll5y0kYSNv
-----END CERTIFICATE-----